Reverse Engineering Mac Malware 4 - File Analysis

Forensic analyst Sarah Edwards now turns the focus of her presentation to the
ins and outs of file analysis on Mac OS X. As part of this nontrivial activity,
she looks into very verbose tools such as DTrace, fs_usage and fseventer,
providing some examples of the returned metadata and other attributes along
the way. In general, this part covers the methods for analyzing arbitrary Mac
files and the types of information that can be retrieved as a result of this
workflow.